CN109492418A - A general-purpose DSP secure encryption and decryption system based on the AES algorithm - Google Patents

Publication number
CN109492418A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811395130.4A
Other languages
Chinese (zh)
Inventor
陈振娇
张猛华
徐新宇
张宇涵
强小燕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CETC 58 Research Institute
Original Assignee
CETC 58 Research Institute

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services

Abstract

The invention discloses a general-purpose DSP secure encryption and decryption system based on the AES algorithm, comprising an AES-based host computer, a general-purpose digital signal processor, a serial-port downloader, an AES-based decryption module, an OTP memory module and a program memory. The host computer encrypts, with an encryption key, the program code that needs security protection and stores the resulting ciphertext program code in the program memory; the host computer also downloads the 11 round decryption keys generated during encryption into the OTP memory module through the serial-port downloader. The invention effectively prevents program code from being read directly on the bus interface and strictly protects the program code running in the DSP; it provides security protection across data generation, data transmission, data storage and data execution, effectively ensuring the data security of the running system.

Description

A general-purpose DSP secure encryption and decryption system based on the AES algorithm
Technical field
The invention relates to a general-purpose DSP secure encryption and decryption system based on the AES algorithm, used to turn a general-purpose DSP into a digital signal processor with a flexible decryption function, and belongs to the technical field of information security protection processing.
Background art
With the growing informatization, digitization and networking of modern society, demand for information security technology is becoming ever broader. Its application has gradually expanded from the traditional military and political sectors to every aspect of social life, and secure information products have become an important guarantee of the healthy functioning of society as a whole. As the core device for data processing and algorithm applications, the DSP plays an extremely important role in all kinds of aerospace and avionics systems. In use, a third party can obtain the running program code by many routes, and information such as core algorithms and communication protocols in particular cannot be effectively protected. As the hardware carrier of information security technology, building a secure encryption and decryption system that guarantees data-processing information can be transmitted and executed securely becomes essential.
Summary of the invention
To solve the above technical problem, the invention provides a general-purpose DSP secure encryption and decryption system based on the AES algorithm.
To achieve the above object, the technical solution of the invention is as follows:
The invention provides a general-purpose DSP secure encryption and decryption system based on the AES algorithm, comprising:
an AES-based host computer;
a general-purpose digital signal processor;
a serial-port downloader;
an AES-based decryption module;
an OTP memory module;
one or more program memories, connected to the general-purpose digital signal processor;
the decryption module and the OTP memory module being built into the general-purpose digital signal processor.
The AES-based host computer encrypts, with an encryption key, the program code that needs security protection and stores the resulting ciphertext program code in the program memory; the AES-based host computer also downloads the 11 round decryption keys generated during encryption into the OTP memory module through the serial-port downloader.
As a preferred option, the AES-based host computer supports AES encryption, decryption key generation and download, and serial communication. The AES encryption key may be any given 128-bit value, but the encryption key and the decryption key downloaded into the DSP must correspond.
As a preferred option, the serial-port downloader supports a custom communication protocol, used to download the decryption key and control information.
As a preferred option, the program memory is attached to the external bus, outside the digital signal processor.
As a preferred option, the OTP memory module has three built-in regions for storing the 11 round decryption keys and the JTAG shielding control signal.
As a preferred option, the DSP has two operating modes, a secure operating mode and a normal operating mode, with identical timing in both. In secure operating mode, the ciphertext data stored in the program memory is decrypted by the decryption module and the resulting plaintext code is moved into on-chip memory space, where the program is executed.
As a preferred option, JTAG shielding is supported in secure operating mode: the circuit cannot be debugged, and on-chip SRAM data cannot be read, through the JTAG port.
As a preferred option, the DSP has a built-in BootROM module, and the mode decision module built into the BootROM module distinguishes the secure operating mode from the normal operating mode. In secure operating mode, the general-purpose digital signal processor uses the data-move module built into the BootROM module to move ciphertext code over the data and address buses into the decryption module; after 13 decryption cycles the decrypted plaintext code is moved into on-chip SRAM, and once all data has been decrypted, program execution begins.
The design adds mode discrimination and data-move functions to the BootROM module built into the DSP. After the circuit starts, the mode decision module determines, from the data stored in the OTP memory module, whether the circuit is in secure operating mode or normal operating mode; the decryption key data stored in the OTP memory module is automatically read into the built-in key registers, to be used during data decryption; and the entire on-chip SRAM space is automatically cleared.
The operating mode of the DSP is determined by the data that the host computer downloads into the OTP memory module. In secure operating mode, what the DSP external bus interface carries is ciphertext data; JTAG can be masked, so the circuit cannot be debugged, and on-chip SRAM data cannot be read, through the JTAG port.
The invention has the following advantages: it effectively prevents program code from being read directly on the bus interface and strictly protects the program code running in the DSP. The key can be chosen flexibly and is stored in the OTP memory module, which is safe and reliable; neither the key nor the program code can be read by dissecting the chip. For the DSP system as a whole, the invention provides security protection across data generation, data transmission, data storage and data execution, effectively ensuring the data security of the running system.
Description of the drawings
Fig. 1 is a block diagram of the general-purpose DSP secure encryption and decryption system of the invention.
Fig. 2 is a flow chart of the host computer's data burning process.
Fig. 3 is a diagram of the internal structure of the general-purpose DSP of the invention.
Fig. 4 is a flow chart of ciphertext program code execution in the invention.
Specific embodiments
Preferred embodiments of the invention are described in detail below with reference to the drawings.
To achieve the object of the invention, as shown in Fig. 1, one embodiment of the invention provides a general-purpose DSP secure encryption and decryption system based on the AES algorithm, comprising:
an AES-based host computer;
a general-purpose digital signal processor;
a serial-port downloader;
an AES-based decryption module;
an OTP memory module;
one or more program memories, connected to the general-purpose digital signal processor;
the decryption module and the OTP memory module being built into the general-purpose digital signal processor.
The AES-based host computer encrypts, with an encryption key, the program code that needs security protection and stores the resulting ciphertext program code in the program memory; the AES-based host computer also downloads the 11 round decryption keys generated during encryption into the OTP memory module through the serial-port downloader.
Specifically, the host computer software is written in C++ and supports the AES algorithm at three bit widths (128, 192 and 256 bits). It provides AES encryption and decryption key generation, supports user password login, and has a good human-machine interface. The host computer downloads and burns the decryption key and the related control information into the DSP's built-in OTP memory module through the serial-port downloader, using a custom communication protocol between them; the data download and burning process is shown in Fig. 2. The OTP memory module is designed with anti-fuse technology and has three built-in regions for storing the decryption key and the JTAG control information.
Specifically, the AES-based host computer supports AES encryption, decryption key generation and download, and serial communication. The AES encryption key may be any given 128-bit value, but the encryption key and the decryption key downloaded into the DSP must correspond.
Specifically, the serial-port downloader supports a custom communication protocol, used to download the decryption key and control information.
Specifically, the program memory is attached to the external bus, outside the digital signal processor.
Specifically, the OTP memory module has three built-in regions for storing the 11 round decryption keys and the JTAG shielding control signal.
Specifically, the DSP has two operating modes, a secure operating mode and a normal operating mode, with identical timing in both. In secure operating mode, the ciphertext data stored in the program memory is decrypted by the decryption module and the resulting plaintext code is moved into on-chip memory space, where the program is executed.
Specifically, JTAG shielding is supported in secure operating mode: the circuit cannot be debugged, and on-chip SRAM data cannot be read, through the JTAG port.
Specifically, the DSP has a built-in BootROM module, and the mode decision module built into the BootROM module distinguishes the secure operating mode from the normal operating mode. When working in secure operating mode, the general-purpose digital signal processor uses the data-move module built into the BootROM module to move ciphertext code over the data and address buses into the decryption module; after 13 decryption cycles the decrypted plaintext code is moved into on-chip SRAM, and once all data has been decrypted, program execution begins.
The design adds mode discrimination and data-move functions to the BootROM built into the DSP. After the circuit starts, the mode decision module determines, from the data stored in the OTP memory module, whether the circuit is in secure operating mode or normal operating mode; the decryption key data stored in the OTP memory module is automatically read into the built-in key registers, to be used during data decryption; and the entire on-chip SRAM space is automatically cleared.
The invention is developed on the basis of a general-purpose DSP: an AES decryption module and an OTP memory module are added without changing the architecture, instruction set or functions of the original general-purpose DSP. The structure is shown in Fig. 3. Mode decision and data-move logic are added while the original circuit is retained. The circuit follows a top-down design approach and, after feasibility study, logic design, simulation and verification, layout design, mask making and tape-out, and packaging and testing, becomes a general-purpose DSP with AES decryption capability.
After the circuit powers up, the BootROM module determines the operating mode of the circuit from the data in the OTP memory module. Where security protection is not needed, the DSP is used in the same way as an ordinary general-purpose DSP. If the DSP is to work in secure operating mode, the host computer and the DSP must be used together, in roughly the following steps:
S1: set a key and use the host computer to encrypt the plaintext code data that needs security protection; burn the resulting ciphertext program into the program memory;
S2: use the host computer and the serial-port downloader to download and burn the decryption key into the OTP memory module;
S3: on power-up, the DSP checks the OTP memory module and, on detecting that data is stored in it, enters secure operating mode;
S4: the circuit's built-in BootROM module automatically enters secure operating mode and moves the ciphertext code data from the program memory on-chip for decryption, following the flow shown in Fig. 4, until execution finishes.
In the decryption flow, the BootROM module's move routine fetches ciphertext data at a width of 32 bits, four times, and combines the four 32-bit words into one 128-bit ciphertext block. It then enables AES decryption and waits 13 decryption execution cycles. Once the decryption module signals that decryption is complete, the 128-bit plaintext code is written into four 32-bit registers, and finally the plaintext code in the four 32-bit registers is written to on-chip SRAM. This repeats until all ciphertext data has been decrypted.
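The host-side key expansion and the BootROM move-and-decrypt loop described above can be modelled in software as follows. This is an added example, not code from the patent or its applicant: the function names (expand_round_keys, aes128_decrypt_block, bootrom_load) are hypothetical, and it assumes a 128-bit key (hence 11 round keys), independent decryption of each 128-bit block (the text names no chaining mode) and most-significant-byte-first packing of each 32-bit word. The 13-cycle hardware latency is not modelled.

```c
#include <stdint.h>
#include <string.h>

static uint8_t sbox[256], inv_sbox[256];
/* GF(2^8) helpers, reduced by the AES polynomial 0x11b. */
static uint8_t xtime(uint8_t a) { return (uint8_t)((a << 1) ^ ((a >> 7) * 0x1b)); }
static uint8_t gmul(uint8_t a, uint8_t b) {
    uint8_t r = 0;
    for (; b; b >>= 1, a = xtime(a)) if (b & 1) r ^= a;
    return r;
}

/* Derive the S-box (field inverse, then affine map) and its inverse once. */
static void init_tables(void) {
    if (sbox[0] == 0x63) return;
    for (int a = 0; a < 256; a++) {
        uint8_t inv = 0, s;
        for (int b = 1; a && b < 256; b++)
            if (gmul((uint8_t)a, (uint8_t)b) == 1) { inv = (uint8_t)b; break; }
        s = inv ^ 0x63;
        for (int k = 1; k <= 4; k++) s ^= (uint8_t)((inv << k) | (inv >> (8 - k)));
        sbox[a] = s; inv_sbox[s] = (uint8_t)a;
    }
}

/* Host side: expand a 128-bit key into the 11 round keys (176 bytes) destined for OTP. */
void expand_round_keys(const uint8_t key[16], uint8_t rk[176]) {
    uint8_t rcon = 1;
    init_tables();
    memcpy(rk, key, 16);
    for (int i = 16; i < 176; i += 4) {
        uint8_t t[4] = { rk[i - 4], rk[i - 3], rk[i - 2], rk[i - 1] };
        if (i % 16 == 0) {                      /* RotWord, SubWord, Rcon */
            uint8_t t0 = t[0];
            t[0] = sbox[t[1]] ^ rcon; t[1] = sbox[t[2]];
            t[2] = sbox[t[3]];        t[3] = sbox[t0];
            rcon = xtime(rcon);
        }
        for (int j = 0; j < 4; j++) rk[i + j] = rk[i - 16 + j] ^ t[j];
    }
}

/* Chip side: inverse cipher on one 128-bit block, consuming round keys 10 down to 0. */
void aes128_decrypt_block(const uint8_t rk[176], uint8_t s[16]) {
    init_tables();
    for (int i = 0; i < 16; i++) s[i] ^= rk[160 + i];
    for (int round = 9; round >= 0; round--) {
        uint8_t t[16];
        for (int i = 0; i < 16; i++)            /* InvShiftRows, InvSubBytes, AddRoundKey */
            t[i] = inv_sbox[s[(i + 16 - 4 * (i % 4)) % 16]] ^ rk[16 * round + i];
        if (round == 0) { memcpy(s, t, 16); return; }
        for (int i = 0; i < 16; i++) {          /* InvMixColumns */
            const uint8_t *a = t + (i & ~3);
            s[i] = gmul(a[i % 4], 14) ^ gmul(a[(i + 1) % 4], 11)
                 ^ gmul(a[(i + 2) % 4], 13) ^ gmul(a[(i + 3) % 4], 9);
        }
    }
}

/* BootROM data-move loop: 4 x 32-bit reads -> 128-bit block -> decrypt -> 4 x 32-bit
   SRAM writes. Byte order within a word (most significant byte first) is an assumption. */
size_t bootrom_load(const uint32_t *prog_mem, size_t n_words,
                    const uint8_t otp_rk[176], uint32_t *sram) {
    size_t done = 0;
    for (; done + 4 <= n_words; done += 4) {
        uint8_t blk[16];
        for (int i = 0; i < 16; i++)
            blk[i] = (uint8_t)(prog_mem[done + i / 4] >> (24 - 8 * (i % 4)));
        aes128_decrypt_block(otp_rk, blk);
        for (int i = 0; i < 16; i++)            /* four shifts replace the whole word */
            sram[done + i / 4] = (sram[done + i / 4] << 8) | blk[i];
    }
    return done;   /* words moved; a trailing partial block is left untouched */
}

int main(void) {   /* constructed input: FIPS-197 Appendix C.1 key and ciphertext block */
    static const uint8_t key[16] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
    static const uint32_t ext_mem[4] = {0x69c4e0d8u, 0x6a7b0430u, 0xd8cdb780u, 0x70b4c55au};
    uint8_t otp[176];
    uint32_t sram[4] = {0};
    expand_round_keys(key, otp);
    bootrom_load(ext_mem, 4, otp, sram);
    return (sram[0] == 0x00112233u && sram[3] == 0xccddeeffu) ? 0 : 1;
}
```

The AES-128 key schedule is invertible, so the 176 bytes held in OTP are equivalent to the 128-bit key and need the same protection.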
In addition, in secure operating mode, using the host computer to burn JTAG control information into the OTP memory module permanently disables the JTAG debugging function, so that no data inside the chip can be read through the JTAG port.
The above is only a preferred embodiment of the invention. It should be noted that a person of ordinary skill in the art can make various modifications and improvements without departing from the inventive concept, and these all fall within the scope of protection of the invention.

Claims (8)

1. A general-purpose DSP secure encryption and decryption system based on the AES algorithm, characterized by comprising:
an AES-based host computer;
a general-purpose digital signal processor;
a serial-port downloader;
an AES-based decryption module;
an OTP memory module;
one or more program memories, connected to the general-purpose digital signal processor;
the decryption module and the OTP memory module being built into the general-purpose digital signal processor;
wherein the AES-based host computer encrypts, with an encryption key, the program code that needs security protection and stores the resulting ciphertext program code in the program memory, and the AES-based host computer also downloads the 11 round decryption keys generated during encryption into the OTP memory module through the serial-port downloader.
2. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 1, characterized in that the AES-based host computer supports AES encryption, decryption key generation and download, and serial communication; the AES encryption key may be any given 128-bit value, but the encryption key and the decryption key downloaded into the DSP must correspond.
3. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 1, characterized in that the serial-port downloader supports a custom communication protocol, used to download the decryption key and control information.
4. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 1, characterized in that the program memory is attached to the external bus, outside the digital signal processor.
5. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 1, characterized in that the OTP memory module has three built-in regions for storing the 11 round decryption keys and the JTAG shielding control signal.
6. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 1, characterized in that the DSP has two operating modes, a secure operating mode and a normal operating mode, with identical timing in both; when working in secure operating mode, the ciphertext data stored in the program memory is decrypted by the decryption module and the resulting plaintext code is moved into on-chip memory space, where the program is executed.
7. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 6, characterized in that, when working in secure operating mode, JTAG shielding is supported: the circuit cannot be debugged, and on-chip SRAM data cannot be read, through the JTAG port.
8. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 7, characterized in that the DSP has a built-in BootROM module, and the mode decision module built into the BootROM module distinguishes the secure operating mode from the normal operating mode; in secure operating mode, the general-purpose digital signal processor uses the data-move module built into the BootROM module to move ciphertext code over the data and address buses into the decryption module, after 13 decryption cycles the decrypted plaintext code is moved into on-chip SRAM, and once all data has been decrypted, program execution begins.
CN201811395130.4A 2018-11-22 2018-11-22 A general-purpose DSP secure encryption and decryption system based on the AES algorithm Pending CN109492418A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190319